Forum Discussion
Stanislas_Piro2
May 24, 2016
Hi,
Another solution is to check the HTTP Referer header. If it is not abc.com, reply to the same URI with cookie deletion.
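when HTTP_REQUEST {
    # Request carries the cookie but its Referer is not a page under https://abc.com/
    if {!([HTTP::header Referer] starts_with "https://abc.com/") && [HTTP::cookie exists "Mycookie"]} {
        # Expire the cookie and redirect the client back to the same URI
        HTTP::respond 302 noserver Set-Cookie "Mycookie=deleted;secure;expires=Thu, 01 Jan 1970 00:00:00 GMT" Location [HTTP::uri]
    }
}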